Your Data Is Safe With Us

Last updated: June 18, 2026

To monitor your credit across all three bureaus, Score Guardians needs sensitive information — including your Social Security number. We take that responsibility seriously. This page explains, in plain language, what we do to keep your data protected.

1. Why We Need Your SSN — and How We Handle It

Here is what we do and do not do with your SSN:

• We encrypt it immediately. Your SSN is encrypted in transit using TLS and encrypted at rest in our database. It is never stored in plain text.
• We never display it in full. After enrollment, your SSN is masked everywhere in our interface. No employee, support agent, or system log ever sees the full number.
• We transmit it only to retrieve your credit data. Your SSN is sent — over an encrypted connection — to our credit-data partner Array solely to pull your reports. It is never shared for marketing, sold, or used for any other purpose.
• Strict access controls apply. Systems that process SSNs follow a least-privilege model: only the specific automated processes that require the SSN to call the bureau can access it. Human staff cannot retrieve your full SSN from our systems.

2. Encryption in Transit and at Rest

Every connection between your browser and our servers uses TLS (Transport Layer Security) — the same encryption standard used by banks and major financial institutions. The padlock icon in your browser confirms the connection is encrypted. We do not support older, less secure protocols.

Sensitive fields stored in our database — including SSNs, identity data, and payment tokens — are encrypted at rest using industry-standard encryption algorithms. Encryption keys are managed separately from the data they protect, stored in a dedicated secrets management service, and rotated on a regular schedule.

3. Payment Security

If you believe an unauthorized charge has been made to your card, contact us immediately at (855) 472-6734 or support@scoreguardians.com, and also notify your bank or card issuer.

4. Access Controls and Least Privilege

We follow a least-privilege principle: every person and every automated system is given access only to the data and functions strictly necessary for their job. Specifically:

• Our internal tools restrict access to member data based on business role. A billing specialist sees billing records; they do not have access to raw credit report data.
• Administrative access to production systems requires multi-factor authentication (MFA) and is limited to a small group of authorized personnel.
• Access to systems that handle credit data and SSNs is logged and auditable.
• Employee access is reviewed periodically and revoked promptly upon role change or departure.

5. Multi-Factor Authentication

We require multi-factor authentication for all administrative and privileged access to systems that store or process your credit data. We strongly recommend that you also enable MFA on your Score Guardians member account (once available in your account settings) to further protect access to your dashboard.

6. Infrastructure and Reputable Cloud Providers

Score Guardians is built on commercial cloud infrastructure provided by well-established, enterprise-grade cloud providers who maintain their own comprehensive security programs, physical data-center controls, and compliance certifications. Our infrastructure is configured to follow security best practices including network segmentation, firewall rules, and automated vulnerability patching.

We work with trusted vendors under written agreements that require them to maintain appropriate security standards for any data they handle on our behalf.

7. Continuous Monitoring and Incident Response

We maintain programs designed to detect and respond to security events, including:

• Logging and monitoring of authentication events, API calls, and administrative actions;
• Automated alerting for anomalous access patterns;
• A documented incident response plan that defines how we investigate, contain, and remediate security incidents;
• Regular review of security configurations and third-party vendor posture.

In the event of a data breach that affects your personal information, we will notify you as required by applicable federal and state law, and we will take prompt action to contain and remediate the incident.

8. GLBA Safeguards Rule Compliance

Our program includes:

• A written information security plan with a designated security lead;
• Risk assessment processes to identify and prioritize threats to member data;
• Technical, administrative, and physical safeguards commensurate with the risks identified;
• Vendor oversight to ensure service providers who access member data maintain appropriate security;
• Regular testing and monitoring of the effectiveness of our safeguards;
• Employee security awareness training.

9. What We Do Not Claim

We believe in transparency. We do not claim certifications or compliance frameworks we have not pursued. Specifically:

• We do not currently claim SOC 2 Type II certification (though we follow many of its principles).
• We do not claim PCI DSS certification for payment data — that obligation belongs to our payment processor, who maintains PCI DSS compliance on our behalf.
• No security program is perfect. While we work hard to protect your data, we cannot guarantee that security measures will never be circumvented.

We make only the commitments described on this page. If you have questions about our specific practices, email us at support@scoreguardians.com.

10. Reporting a Security Concern

To report a security concern:

• Email: support@scoreguardians.com — use the subject line "Security Concern."
• Phone: (855) 472-6734

Please include as much detail as possible: what you observed, when, and how to reproduce the issue if applicable. We ask that you do not publicly disclose any potential vulnerability until we have had a reasonable opportunity to investigate and address it.

11. Tips for Protecting Your Own Account

Security is a shared responsibility. Here are steps you can take to protect your Score Guardians account:

• Use a strong, unique password for your Score Guardians account — one you do not use on any other site.
• Enable multi-factor authentication on your account when prompted.
• Never share your login credentials with anyone.
• Be alert to phishing emails. Score Guardians will never ask for your full SSN, password, or payment card details by email.
• Review your credit alerts promptly — an unexpected alert can be an early warning of identity theft.
• If you suspect your identity has been stolen, contact the three credit bureaus directly to place a fraud alert or credit freeze.

12. Contact

Security and trust questions:

• Email: support@scoreguardians.com
• Phone: (855) 472-6734
• Mail: ScoreGuardians LLC, Attn: Security, mailing address to be added

Also see our Privacy Policy for a full description of how your data is collected, used, and shared, including our GLBA notice.